Newsletter Archives

  • Secunia fixes PSI to work with IE 11 and Windows 8.1

    It’s working now on all of my machines.

    InfoWorld Tech Watch

  • Secunia PSI freezes with ‘Stop running this script?’ errors in Windows 8.1

    Fortunately, there’s an easy workaround.

    InfoWorld Tech Watch

  • Your biggest vulnerabilities aren’t what you think

    SANS Institute just released a security vulnerability analysis covering real infections and vulnerabilities on 9,000,000 real computers at big companies. Interesting reading, with some surprising conclusions.

    According to SANS:

    Waves of targeted email attacks, often called spear phishing, are exploiting client-side vulnerabilities in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. This is currently the primary initial infection vector used to compromise computers that have Internet access… Because the visitors feel safe downloading documents from the trusted sites, they are easily fooled into opening documents and music and video that exploit client-side vulnerabilities… In many cases, the ultimate goal of the attacker is to steal data from the target organizations and also to install back doors through which the attackers can return for further exploitation.

    Other than Conficker/Downadup, no new major worms for OSs were seen in the wild during the reporting period. Even so, the number of attacks against buffer overflow vulnerabilities in Windows tripled from May-June to July-August and constituted over 90% of attacks seen against the Windows operating system.

    World-wide there has been a significant increase over the past three years in the number of people discovering zero-day vulnerabilities, as measured by multiple independent teams discovering the same vulnerabilities at different times. Some vulnerabilities have remained unpatched for as long as two years. There is a corresponding shortage of highly skilled vulnerability researchers working for government and software vendors. So long as that shortage exists, the defenders will be at a significant disadvantage in protecting their systems against zero-day attacks.

    Bottom line: stay cautious. Realize that even big-name Web sites can have infected files (as Graham Cluley explains, even the New York Times site was hit recently). For heaven’s sake, don’t install or run programs that you don’t know. Keep your whole system patched, using a tool like Secunia Personal Software Inspector. And stay away from ActiveX controls, the biggest source of buffer overflow vulnerabilities – which, in my opinion, means you should be running Firefox (or Chrome or Opera or anything but Internet Explorer).

  • Windows Secrets Security Baseline

    This week’s edition of Windows Secrets Newsletter just hit the stands, and Ryan Russell’s Top Story discusses changes in the WSN Security Baseline. (Windows Secrets Newsletter appears in both a free version and a paid version – and you get to decide how much you want to pay for the paid version. The Top Story always appears in the free version and the paid version.)

    In summary:

    1. Use a hardware firewall. WSN has some good recommendations. In fact, any router you buy these days has a fully functional hardware firewall.

    2. Install a security suite. WSN recommends Norton Internet Security. I’m too cheap. I still use AVG Free, or Avira Antivir Free.

    3. Check for updates regularly. Watch this site for the latest, particularly on Microsoft patches. Make sure you download, install, update and religiously run Secunia PSI.

    4. Select a more-secure browser. WSN and I strongly recommend Firefox.

    The PC you save may be your own.